It is strongly recommended that you do not host a Docker image of the Wallarm NGINX Plus Ingress controller in the public Docker repository due to the risk of exposing the NGINX Plus license files to the public.

It is sufficient to obtain access to the Docker Hub registry in order to complete this guide. The registry will provide you with one free-of-charge private Docker repository.

You should gather the following information to continue:

The login and password pair that you use to access the Docker registry

The name of the Docker registry

A path to the repository

Docker registry name

Depending on the service provider chosen, the name of the Docker registry and the path to the repository can be different. Please consult with your service provider’s documentation for more information.

The Docker’s registry name is a part of the path to the repository.
For example, if you are using Docker Hub, the path to access the repository example-repository created by user john will be as follows:

docker.io/john/example-repository

Building the Ingress Controller

Log in to your Docker registry by executing the following command:

$ docker login <name of the Docker registry>

You should provide the login and password that you use to access the Docker registry when prompted.

Example:

To log in to the Docker Hub registry execute the following command:

$ docker login docker.io

Depending on your system settings, you could be required to elevate privileges either by issuing the sudo command or running the command as the root user in order to execute the docker command.

You have the option to allow executing the docker command by the currently logged-in user. To do so, you have to add the user to the docker group. However, you must remember that having membership in this group is equal to having the root user’s privileges. This may potentially lead to severe security-related issues. You can obtain more detailed information here.

Your service provider may provide additional tools to manage Docker registries. For example, Microsoft ships an az acr tool to manage the Microsoft Azure Container Registry, whereas Google provides you with a gcloud tool to manage the Google Container Registry. You can use these tools instead of the dockerlogin command to log in to the specific registries. Please consult your service provider’s documentation for more information.

Clone the Wallarm NGINX Ingress Plus repository by executing the following command:

$ git clone https://github.com/wallarm/ingress-plus/

Change your working directory to the ingress-plus/ by executing the following command:

$ cd ingress-plus/

Copy the NGINX Plus key and certificate files in the working directory. If you do not have the files, you have to obtain an NGINX Plus license. An scp utility or similar tool could be used to perform the copy operation.

Make sure that you have copied all necessary files by executing the following command:

ls nginx-repo.*

You should be provided with the following output:

nginx-repo.crt nginx-repo.key

Initiate the building process by executing the following commands one by one:

Note that you should provide the path to your Docker repository as the value of the PREFIX argument in the make command. A Docker image will be pushed to that repository when the build process is complete.

Example

To publish the image to the private repository example-repository, created by user john and hosted on Docker Hub, provide the following PREFIX argument to the make command: